<?php
 if ( ! defined('BASEPATH')) exit('No direct script access allowed');
Class Muser extends MY_Model
{
    public function __construct()
    {
        parent::__construct();
    }
    
    public function loginAdmin()
    {
        $uname = $this->getParamString('username');
        $upass = $this->getParamString('passwd');
        
        $sql = $this->db->query("SELECT id,salt,username,pword,fullname,mobile FROM user WHERE username = '".$uname."' ");
        if($sql->num_rows() > 0)
        {
            $data           = $sql->row();
            $salt           = $data->salt;
            $md5_pword      = md5($upass);
            $decode_pword   = md5($md5_pword.$salt);
            if($decode_pword == $data->pword)
            {
                $data = array(
                    'admin_id'        => $data->id,
                    'username'       => $data->username,
                    'fullname'       => $data->fullname
                );
                $this->session->set_userdata($data);
                return 200;
            }
            return 201;
        }
        return 202;
        
    }
    
    public function changepwDB($username)
    {
        $p1 = $this->getParamString('passwd');
        $passwd_new = $this->getParamString('passwd_new');
        $re_passwd_new = $this->getParamString('re_passwd_new');
        
        if($passwd_new != $re_passwd_new)
        {
            return 201;
        }
        
        $sql = $this->db->query("SELECT id,salt,username,pword,fullname,mobile FROM user WHERE username = '".$username."' ");
        if($sql->num_rows() > 0)
        {
            $data           = $sql->row();
            $salt           = $data->salt;
            $md5_pword      = md5($p1);
            $decode_pword   = md5($md5_pword.$salt);
            if($decode_pword == $data->pword)
            {
                $decode_pword_new = md5(md5($passwd_new).$salt);
                $this->db->update('user', array('pword' => $decode_pword_new), "id = ".$data->id);
                return 200;
            }
            return 201;
        }
    }
    
    public function getUserDB($number,$offset)
    {
        $id = $this->getParamUri(3,2);
        $limit = $offset ? intval($offset) : '0';
        
        $sql = "SELECT * FROM user WHERE 1=1 ";
        $key = $this->getParamString('keyword');
        if(!in_array($key, array(null, '', '0')))
        {
            $sql .= " AND (username like '%".$key."%' OR ";
            $sql .= " fullname like '%".$key."%' OR ";
            $sql .= " mobile like '%".$key."%' OR ";
            $sql .= " email like '%".$key."%') ";
        }
        $sql .= "ORDER BY id DESC";
        
        $xdata = " LIMIT ".$limit.",".$number." ";
        $xs = $this->db->query($sql.$xdata)->result_object();
        $count = $this->db->query($sql)->num_rows();
        return array('data' => $xs, 'count' => $count);
        
    }
    
    public function checkManage($id)
    {
        return $this->db->query('SELECT id FROM user WHERE active = 1 AND id = '.$id)->num_rows();
    }
    
    public function adduserDB()
    {
        $salt = $this->generateCode(5);
        $passwd_new = $this->getParamString('passwd');
        $user = $this->getParamString('username');
        $tr = $this->db->query('SELECT * FROM user WHERE username = "'.$user.'"')->num_rows();
        if($tr > 0)
        {
            return 201;
        }
        $data = array(
                'username' => $user,
                'fullname'  => $this->getParamString('fullname'),
                'email' => $this->getParamString('email'),
                'mobile' => $this->getParamString('mobile'),
                'pword' => md5(md5($passwd_new).$salt),
                'level' => 1,
                'salt'  => $salt
                );
        $this->db->insert('user', $data);
        return 200;
    }
    public function getUsser($id)
    {
        return $this->db->query('SELECT * FROM user WHERE id = '.$id)->row_object();
    }
    public function edituserDB($id)
    {
        $salt = $this->generateCode(5);
        
        $passwd_new = $this->getParamString('passwd');
        $data = array(
                'fullname'  => $this->getParamString('fullname'),
                'email' => $this->getParamString('email'),
                'mobile' => $this->getParamString('mobile'),
                'level' => 1,
                );
        if(!in_array($passwd_new, array(null, '', '0')))
        {
            $passwd = md5(md5($passwd_new).$salt);
            $data['pword'] = $passwd;$data['salt'] = $salt;
        }
        $this->db->update('user', $data, "id = ".$id);
        return 200;
    }
    public function deleteuserdb()
    {
        $id = $this->getParamInt('id');
        $this->db->delete('user',"id = '".$id."'");
        return 200;
    }
}